Resilient networking in wireless sensor networks

This report deals with security in wireless sensor networks (WSNs), especially in network layer. Multiple secure routing protocols have been proposed in the literature. However, they often use the cryptography to secure routing functionalities. The cryptography alone is not enough to defend against multiple attacks due to the node compromise. Therefore, we need more algorithmic solutions. In this report, we focus on the behavior of routing protocols to determine which properties make them more resilient to attacks. Our aim is to find some answers to the following questions. Are there any existing protocols, not designed initially for security, but which already contain some inherently resilient properties against attacks under which some portion of the network nodes is compromised? If yes, which specific behaviors are making these protocols more resilient? We propose in this report an overview of security strategies for WSNs in general, including existing attacks and defensive measures. In this report we focus at the network layer in particular, and an analysis of the behavior of four particular routing protocols is provided to determine their inherent resiliency to insider attacks. The protocols considered are: Dynamic Source Routing (DSR), Gradient-Based Routing (GBR), Greedy Forwarding (GF) and Random Walk Routing (RWR)

Résilience et application aux protocoles de routage dans les réseaux de capteurs

This thesis focuses on the security issues of multi-hop routing protocols for Wireless Sensor Networks (WSNs). The rapid deployment capabilities, due to the lack of infrastructure, as well as the self organized and potentially fault-tolerant nature of WSNs make them attractive for multiple applications spanning from environmental monitoring (temperature, pollution, etc.) to building industrial automation (electricity/gas/water metering, event detection, home automation etc). Security is particularly challenging in WSNs. Because of their open and unattended deployment, in possibly hostile environments, powerful adversaries can easily launch Denial-of-Service (Dos) attacks, cause physical damage to sensors, or even capture them to extract sensitive information (encryption keys, identities, addresses etc.). After node compromise, an adversary can seek to disrupt the functionality of network layer by launching attacks such as node replication, Sybil, Selective forwarding, Sinkhole, Wormhole etc. To cope with these "insider" attacks, stemming from node compromise, "beyond cryptography" algorithmic solutions must be envisaged to complement the traditional cryptographic solutions. Firstly, we propose the resiliency concept including our definition and a new metric to compare routing protocols. This method allows to aggregate meaningfully several parameters (quantitative information) and makes it easier to visually discern various tradeoffs (qualitative information), thus greatly simplifying the process of protocol comparison. Secondly, we propose the protocol behaviors enhancing resiliency. Our proposition consists in three strategies: (i) introduce random behaviors (ii) limit route length (iii) introduce data replication. These mechanisms are applied to several well known routing protocols to study their resiliency. Finally, a theoretical study of resiliency is introduced. We present an analytical study of biased random walks under attacks to confirm the results obtained through simulations.Les travaux réalisés dans cette thèse se situent dans le domaine des réseaux de capteurs sans fil (Wireless Sensor Networks), déployés en environnement urbain et se focalisent sur la sécurité des protocoles de routage multi-sauts. Les capteurs sont souvent déployés dans des environnements ouverts et accessibles permettant aux éventuels attaquants de les détruire ou de les capturer afin d'en extraire les données sensibles (clés de chiffrement, identité, adresse, etc.). Les méthodes traditionnelles, basées sur la cryptographie, permettent d'obtenir une sécurité de base (authentification, confidentialité, intégrité, non répudiation etc.), mais ne permettent pas toujours de se prémunir contre les attaques dues à la compromission des nœuds (réplication des nœuds, Sybil, Selective forwarding, Blackhole, Sinkhole, Wormhole etc.). Dans le but d'apporter des solutions algorithmiques complémentaires aux solutions cryptographiques, nous étudions la résilience des protocoles de communication en présence d'adversaires internes visant à perturber l'acheminement de l'information à travers le réseau. Dans un premier temps, nous introduisons la notion de résilience et une métrique quantitative doublée d'une représentation qualitative pour mieux l'appréhender. Nous étudions les principaux protocoles de routage de la littérature selon notre métrique pour montrer leur capacité d'être résilients. Cette étude nous permet de proposer trois mécanismes visant à développer la résilience: (i) l'introduction de comportements aléatoires, (ii) la limitation de la longueur des routes et (iii) la réplication de paquets. Nous appliquons ces mécanismes aux protocoles classiques et nous les étudions selon notre métrique. Pour confirmer les résultats de simulations, nous proposons enfin un travail théorique pour mesurer analytiquement la résilience en nous basant sur le modèle des marches aléatoires biaisées

Resiliency and application to routing protocols in wireless sensor networks

Les travaux réalisés dans cette thèse se situent dans le domaine des réseaux de capteurs sans fil (Wireless Sensor Networks), déployés en environnement urbain et se focalisent sur la sécurité des protocoles de routage multi-sauts. Les capteurs sont souvent déployés dans des environnements ouverts et accessibles permettant aux éventuels attaquants de les détruire ou de les capturer afin d'en extraire les données sensibles (clés de chiffrement, identité, adresse, etc.). Les méthodes traditionnelles, basées sur la cryptographie, permettent d'obtenir une sécurité de base (authentification, confidentialité, intégrité, non répudiation etc.), mais ne permettent pas toujours de se prémunir contre les attaques dues à la compromission des nœuds (réplication des nœuds, Sybil, Selective forwarding, Blackhole, Sinkhole, Wormhole etc.). Dans le but d'apporter des solutions algorithmiques complémentaires aux solutions cryptographiques, nous étudions la résilience des protocoles de communication en présence d'adversaires internes visant à perturber l'acheminement de l'information à travers le réseau. Dans un premier temps, nous introduisons la notion de résilience et une métrique quantitative doublée d'une représentation qualitative pour mieux l'appréhender. Nous étudions les principaux protocoles de routage de la littérature selon notre métrique pour montrer leur capacité d'être résilients. Cette étude nous permet de proposer trois mécanismes visant à développer la résilience: (i) l'introduction de comportements aléatoires, (ii) la limitation de la longueur des routes et (iii) la réplication de paquets. Nous appliquons ces mécanismes aux protocoles classiques et nous les étudions selon notre métrique. Pour confirmer les résultats de simulations, nous proposons enfin un travail théorique pour mesurer analytiquement la résilience en nous basant sur le modèle des marches aléatoires biaisées.This thesis focuses on the security issues of multi-hop routing protocols for Wireless Sensor Networks (WSNs). The rapid deployment capabilities, due to the lack of infrastructure, as well as the self organized and potentially fault-tolerant nature of WSNs make them attractive for multiple applications spanning from environmental monitoring (temperature, pollution, etc.) to building industrial automation (electricity/gas/water metering, event detection, home automation etc). Security is particularly challenging in WSNs. Because of their open and unattended deployment, in possibly hostile environments, powerful adversaries can easily launch Denial-of-Service (Dos) attacks, cause physical damage to sensors, or even capture them to extract sensitive information (encryption keys, identities, addresses etc.). After node compromise, an adversary can seek to disrupt the functionality of network layer by launching attacks such as node replication, Sybil, Selective forwarding, Sinkhole, Wormhole etc. To cope with these "insider" attacks, stemming from node compromise, "beyond cryptography" algorithmic solutions must be envisaged to complement the traditional cryptographic solutions. Firstly, we propose the resiliency concept including our definition and a new metric to compare routing protocols. This method allows to aggregate meaningfully several parameters (quantitative information) and makes it easier to visually discern various tradeoffs (qualitative information), thus greatly simplifying the process of protocol comparison. Secondly, we propose the protocol behaviors enhancing resiliency. Our proposition consists in three strategies: (i) introduce random behaviors (ii) limit route length (iii) introduce data replication. These mechanisms are applied to several well known routing protocols to study their resiliency. Finally, a theoretical study of resiliency is introduced. We present an analytical study of biased random walks under attacks to confirm the results obtained through simulations

A New Metric to Quantify Resiliency in Networking

International audienceIn network protocol engineering resiliency is still a relatively new and somewhat ill-defined concept. Insofar only few studies attempt to define some metric to measure and thus quantify resiliency. In this paper we propose to quantify network resiliency along multiple parameters and further we introduce a two dimensional graphical representation with multiple axes forming an equiangular polygon surface. This method allows to aggregate meaningfully several parameters and makes it easier to visually discern various tradeoffs thus greatly simplifying the process of protocol comparison. Finally, this method is flexible and can be applied to various networking contexts

Toward Resilient Routing in Wireless Sensor Networks: Gradient-Based Routing in Focus

International audienceThis paper focuses on the resiliency of wireless sensor network routing protocols against selective forwarding attacks by compromised nodes. To provide for security in such a context cryptographic solutions must be completed by algorithmic solutions considering "beyond cryptography" approaches. Enhancing the routing protocol resiliency to attacks is one approach that merits further investigation. In a sense, resiliency to compromised nodes enhances the reliability of sensor networks. In this article, after discussing the shortcomings of existing routing protocols against packet-dropping malicious nodes we describe some protocol behaviors enhancing resiliency in this particular context. These behaviors are mainly based on traffic redundancy and probabilistic selection for the next hop candidates which permit to exploit and benefit from the inherent structural redundancy of densely deployed sensor networks. Several variants of the well known gradient-based routing protocol were tested and simulation results show that using the proposed strategies resiliency can be improved. The results also shed some light on the resiliency-energy consumption trade-off

Resiliency of wireless sensor networks: Definitions and analyses

International audienceThis paper considers security in wireless sensor networks (WSNs), focusing at the routing layer. We propose to analyze the behavior of some routing protocols according to attacks stemming from compromised nodes. Such malicious nodes could disrupt the routing functionality (node replication, Sybil attacks or Black-Grey-Sink holes). For such adversary models traditional cryptographic solutions are not enough by themselves but need to be completed by algorithmic solutions considering “beyond cryptography” approaches. Emphasizing internal attacks, with security features of routing in mind, we define the resiliency as the ability of a network to continue to operate in presence of k compromised nodes, i.e. the capacity of a network to endure and overcome internal attacks. In this context, we analyze four particular routing protocols (DSR, Gradient based, Greedy forwarding and Random walk routing). Using intensive simulations, we test their resiliency in presence of several compromised nodes in several adversary models

Enhancing Resiliency Against Routing Layer Attacks in Wireless Sensor Networks: Gradient-based Routing in Focus

International audienceThis paper focuses on the resiliency of wireless sensor network routing protocols against selective forwarding attacks by compromised nodes. Informally, resiliency should be understood as the capacity of the routing protocol to endure and mitigate the presence of a certain number of compromised nodes seeking to disturb the routing process. To provide for security when nodes may be compromised, cryptographic solutions must be completed by algorithmic solutions considering "beyond cryptography" approaches. In this article, after discussing the shortcomings of existing routing protocols against packet-dropping malicious nodes we describe some protocol behaviors enhancing routing resiliency under several combined routing attacks. These behaviors are mainly based on traffic redundancy and probabilistic selection for the next hop candidates, which permit to exploit and benefit from the inherent structural redundancy of densely deployed sensor networks. We consider the case that compromised nodes, prior to selective forwarding, and seeking to increase its impact, may perform several well known routing attacks such as Sinkhole, Sybil and Wormhole. Several variants of the well known gradient-based routing protocol were tested and simulation results show that using the proposed techniques resiliency can be improved. Nevertheless, as expected, resiliency comes at a cost and our results also shed some light on the resiliency-energy consumption trade-off. We propose in this paper the behaviors enhancing the resiliency of routing protocols under several combined routing attacks

Resiliency Taxonomy of Routing Protocols in Wireless Sensor Networks

International audienceLittle effort has been made to compare routing pro- tocols according to their resiliency in wireless multi-hop sensor networks in the presence of packet dropping malicious insiders. In this paper, we propose a new taxonomy of routing protocols obtained by applying our resiliency metric. Several resiliency enhancing methods such as introducing a random behavior to the classical routing protocols and a new data replication method based on the distance information have been evaluated as well. Simulation results demonstrate the effectiveness of the proposed approach

Network Coding versus Replication Based Resilient Techniques to Mitigate Insider Attacks for Smart Metering

International audienceThe main focus of this paper is the resilience of communication protocols for data gathering in distributed, large scale, and dense networks. In our previous work, we have proposed the resilient methods based on random behavior and data replications to improve route diversification, thus to take advantage of redundant network structure. Following these previous methods, we propose in this paper a new resilient method based on network coding techniques to improve resilience in Wireless Sensor Networks (WSNs) for smart metering applications. More precisely, using our resilience metric based on a performance surface, we compare several variants of a well-known gradient based routing protocol with the previous methods (random routing and packet replications) and the new proposed methods (two network coding techniques). The proposed methods outperformed the previous methods in terms of data delivery success even in the presence of high attack intensity